The availability of digital information over myriad communication channels and devices presents exposure risks to public and private entities, including competitive risk, brand risk, legal risk and security risk. Competitive and security risks refers to the exposure of confidential, proprietary or classified information to competitors or unauthorized persons or governmental entities. Brand risk arises from possibilities of unauthorized release of internal emails, messaging and other documents that may be damaging to the reputation of the entity. Legal risks are presented by the inappropriate handling, storage, archiving and dissemination of messages that may be subject to subsequent preservation requirements associated with litigation or other legal or regulatory activities.
Information management comprehends services that offer protection from inappropriate or unauthorized data releases. Such services may control access to information via firewalls, password methodology, data encryption, trusted operating system (OS) requirements, and also construct and implement policies and practices for handling sensitive information. The efficacy of such approaches may be undermined by a variety of factors, including internal errors, carelessness, or intentional wrongdoing by those who handle high risk information. Privacy policies and frequent employee training are prerequisites of robust information governance programs, however such policies and procedures have proven insufficient in preventing egregious unintended distributions of sensitive information under the prior art.